Severity
Prior to InSpec 3, severity was a numerical value
that is implicitly scaled as:
0.0 Informational
<0.4 Minor controls
<0.7 Major controls
<=1.0 Critical controls
We can now be more descriptive and use the
CVSS values: low, medium, high, critical
See
https://github.com/inspec/inspec/issues/562
control 'one' do
impact 1.0
control 'one' do
impact 'critical'